On 03/03/2013 04:33 PM, Reindl Harald wrote:
Am 03.03.2013 22:30, schrieb Robert Moskowitz:
I am trying to recall back at least 2 years, and my notes are poor, and my searching appears to be worst...
Seems I recall that last when I set up my apache server, the spammers were posting to it so it would send out the spam on port 25. There was some conf that I did to block this, but I did not document it, and I can't find any reference to this
what are you speaking about? apache is a WEBSERVER and has NOTHING to do with email
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
Am 03.03.2013 22:49, schrieb Robert Moskowitz:
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
Such a misbehaviour would be caused by a misconfigured apache proxy setup.
Alexander
On 03/03/2013 05:06 PM, Alexander Dalloz wrote:
Am 03.03.2013 22:49, schrieb Robert Moskowitz:
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
Such a misbehaviour would be caused by a misconfigured apache proxy setup.
It is coming back now through a pair of dark glasses. Just haven't built a public web server is so long, as the old one just ran for as little as I needed it, that I lost the notes on the problem. Looks like current defaults do not allow this.
On 03/03/2013 05:06 PM, Alexander Dalloz wrote:
Am 03.03.2013 22:49, schrieb Robert Moskowitz:
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
Such a misbehaviour would be caused by a misconfigured apache proxy setup.
It is coming back now through a pair of dark glasses. Just haven't built a public web server is so long, as the old one just ran for as little as I needed it, that I lost the notes on the problem. Looks like current defaults do not allow this.
Wouldn't this attack be similar to using someone's web server as a proxy to get to other sites? By default, apache doesn't permit itself to "proxy" this way.
A simple test would be to do something like this to your own web server, or one in question:
$ telnet ip.of.webserver 80
GET http://www.google.com HTTP/1.0 <return><return>
If life gives you lemons, keep them-- because hey.. free lemons. "~heart~ Sticker" fixer: http://microflush.org/stuff/stickers/heartFix.html
On 03/03/2013 05:46 PM, Joseph Spenner wrote:
On 03/03/2013 05:06 PM, Alexander Dalloz wrote:
Am 03.03.2013 22:49, schrieb Robert Moskowitz:
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
Such a misbehaviour would be caused by a misconfigured apache proxy setup. It is coming back now through a pair of dark glasses. Just haven't built a public web server is so long, as the old one just ran for as little as I needed it, that I lost the notes on the problem. Looks like current defaults do not allow this.
Wouldn't this attack be similar to using someone's web server as a proxy to get to other sites? By default, apache doesn't permit itself to "proxy" this way.
Not anymore. Once upon a time, the internet was a nice place and so what if you proxied? But the dragons were always lurking there, ready to feed...
On 03/03/2013 04:49 PM, Robert Moskowitz wrote:
On 03/03/2013 04:33 PM, Reindl Harald wrote:
Am 03.03.2013 22:30, schrieb Robert Moskowitz:
I am trying to recall back at least 2 years, and my notes are poor, and my searching appears to be worst...
Seems I recall that last when I set up my apache server, the spammers were posting to it so it would send out the spam on port 25. There was some conf that I did to block this, but I did not document it, and I can't find any reference to this
what are you speaking about? apache is a WEBSERVER and has NOTHING to do with email
There was an attack, and if you search you will find references to it, where the spammers post to your web server in such a way that they relay out port 25. They send to your port 80, but you send out port 25. For example:
http://forums.fedoraforum.org/archive/index.php/t-173601.html
My old server has been running smoothly for over two years, but it is time to bring the software current. I did all the work on this back then, or maybe before and copied from my earlier server. This time I am trying to build everything clean and document every change I make.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
If / when I get the guts to build my own Apache web server...I would think that the ONLY way to do it would be to document EVERYTHING....sort of as a "Just-In-Case" policy?....or is it only after you've built it?...and when you make CHANGES to your server....THAT'S when you document everything?....
EGO II
-
Alexander Dalloz -
Eddie G. O'Connor Jr. -
Joseph Spenner -
Robert Moskowitz